Beginning on Friday, May 15 at 6:00 p.m. ET/ 11:00 p.m. BST/ May 16 at 3:30 a.m. IST/ 6:00 a.m. HKT and extending through
May 31, the opportunities page will be unavailable to search and apply for jobs as we work to improve your experience.

Apply Now    

Global Technology Security Risk Management & Assessment Lead - Global Technology Infrastructure

Job Description

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at
Global Technology Infrastructure (GTI) is the technology infrastructure organization for the firm, delivering a wide range of products and services, and partnering with all lines of business to provide high quality service delivery, exceptional project execution and financially disciplined approaches and processes in the most cost effective manner. The objective of GTI is to balance both business alignment and the centralized delivery of core products and services. GTI is designed to address the unique infrastructure needs of specific lines of business and the demand to leverage economies of scale across the firm.
The Global Technology Security Risk Management & Assessment Lead will serve as the primary interface for the Global Technology Cyber team to interact with the vulnerability discovery, assessment and training central cybersecurity functions. This role will further mature GTI’s Cybersecurity capabilities and position GTI to proactively “shift left” in terms of assessing vulnerabilities within our network infrastructure.   It is responsible for maintaining a strong relationship with the central cybersecurity team to understand, maintain and document the ongoing cybersecurity profile of the business, and translate their discovery and assessment operations into tangible, realistic goals for the global technology business.
The successful candidate will be part of a growing team to maintain a continued understanding of the key risk to the business and be able to converse with technology experts  to identify both process and technology controls to mitigate those risks. They will also provide advice to projects to ensure prioritized delivery of capabilities mitigating the key cyber risk facing the business.
The role will encompass a wide range of business risk responsibilities from strategy and framework development ongoing business focused security and risk assessments to identify key business risk and engaging with IT teams to enhance capabilities to mitigate those identified risks.
The ideal candidate will be able to demonstrate a sound understanding of operational risk, information security and be able to apply that knowledge in the financial services industry through influence and advice and be able to show a tangible shift in the cyber risk posture for the component of the business being supported.
Key responsibilities:
  • Strong client relationship management skills at all levels with the business and technology. Facing off to Chief Technology Officers and Heads of Business functions with the ability to convey complex cyber security topics in a clear understandable manner.
  • Seen as a subject matter expert and key advisor to the business on the risk associated with cyber security and able to translate for the specific business unit.
  • Partnership with the Cybersecurity & GTI management teams, and other LOB BISO teams.
  • Drive ad hoc security assessments and leverage results of security scanning, penetration testing, and Cyber Exercise team assessments.
  • Understand and convey the risk posture of the business, understanding the key cyber security risks facing the business with the ability to understand key technology controls and the maturity of those controls to mitigate identified risks.
  • Project Engagement – The ability to engage in affective manner with Technology, TCOs and Cyber Security teams to assist in platform assessment to identify and verify exposure to common security vulnerabilities, providing remediation guidance at a business process level.
  • Contribute to the development and implementation of cyber security policies, standards, procedures, and guidelines.
  • Data Analysis – understand, interpret, validate, manipulate data using excel and other tools, and present conclusions and recommendations.
  • Impact Analysis – Review proposed solutions across CTR, develop use cases to explain/demonstrate requirements/specifications to key stakeholders.
  • Provide baseline MIS and reporting, both during impact analysis and on-going execution of risk-driven projects, organize and deliver clear and accurate data for Technology and Executive Management.
  • 8+yrs of Information Technology experience.
  • Extensive specific Cyber / Information Risk Management/Vulnerability Assessment experience
  • A graduate degree or equivalent experience (in computer science, information systems management, business administration or related field) is preferred.
  • Information security certifications (such as CISSP, CISA, CISM or related certifications) would be preferred
  • Ability to influence across the organization at a senior level including technology and business executives
  • Excellent written and verbal communication skills
  • Exceptional data analysis, both quantitative and qualitative
  • Strong reasoning and logic, problem solving skills
  • Experience in working with diverse cross geography teams
  • Self motivated individual, comfortable working in a leadership position without close supervision and with ability to work to deadlines.
  • Team player with proven ability to build strong cross-business relationships
  • Exposure to information security principles and relevant standards including Access Management, Change Management, Security Incidents and Business Continuity Management.
  • Must have a solid Information Business Risk background, including risk analysis, privacy, data protection.
  • Accomplishments in program leadership, policy/standards development, project management.
  • Strong interpersonal and communication skills, plus the ability to achieve goals through influence, collaboration, and cooperation.
  • Demonstrated ability to work effectively with all levels of and organization from executives to technology specialists.
  • Expertise in risk management approaches to assess and address security and other types of Information Technology-related risks.
  • Integrity and high standards of personal and professional conduct.
  • Experience with evolving state-of-the-art information security technologies, technology policy and security administration.
Req #: 160036784
Location: Houston, TX US
Job Category: Technology
Employment Type: Full Time
Potential Referral Amount: 5000 US Dollar (USD)

Apply Now    

Join our Talent Community

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.

Join Now

Privacy Statement

Any information you provide is confidential and will only be viewed by our recruiters in an effort to fill open positions. In addition, the information you provide is subject to our privacy policy practices.

Please note that J.P. Morgan will not accept unsolicited approaches or speculative CVs, nor will J.P. Morgan be responsible for any related fees, from Third Party Firms who are not preferred suppliers.

The firm invites all interested and qualified candidates to apply for employment opportunities.

Need disability related assistance?

If you are a US or Canadian applicant with a disability who is unable to use our online tools to search and apply for jobs, please contact us by calling (US and Canada Only) 1-866-777-4690. Please indicate the specifics of the assistance needed.

Keep in touch

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.